The infamous TrickBot trojan has started to check the screen resolutions of victims to detect whether the malware is running in a virtual machine.
When researchers analyze malware, they typically do it in a virtual machine that is configured with various analysis tools.
Due to this, malware commonly uses anti-VM techniques to detect whether the malware is running in a virtual machine. If it is, it is most likely being analyzed by a researcher or an automated sandbox system.
Source: Bleeping Computer